Lucene search

IbmVULNRICHMENT:CVE-2023-46171

HistoryMar 07, 2024 - 8:26 p.m.

CVE-2023-46171 IBM DS8900F information disclosure

2024-03-0720:26:47

CWE-532

ibm

github.com

ibm

ds8900f

information disclosure

cve-2023-46171

x-force id

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.2

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. IBM X-Force ID: 269408.

CNA Affected

[
  {
    "vendor": "IBM",
    "product": "DS8900F",
    "versions": [
      {
        "status": "affected",
        "version": "89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, 89.33.48.0"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/269408

www.ibm.com/support/pages/node/7130084

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.2

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-46171